<!DOCTYPE html>
<!--
To change this license header, choose License Headers in Project Properties.
To change this template file, choose Tools | Templates
and open the template in the editor.
-->
<html>
    <head>
        <meta charset="UTF-8">
        <title></title>
    </head>
    <body>
        <?php
        require_once '../includes/seguridad.php';
        session_start();

        if (empty($_REQUEST['username']) || empty($_REQUEST['password'])) {
            $error = "Contraseña o nombre de usuario invalidos";
            print $error;
        } else {
// Define $username and $password
            $user = $_REQUEST['username'];
            $pass = $_REQUEST['password'];
            $error=check_user($user, $pass);
            
            if (strlen($error)>0)
                print $error;
            else {
                header("location: " . $_SESSION['afterLogin']);
                //print_r($_SESSION);
            }
            
            /*
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
            $db = new PDO("mysql:dbname=atletismo;host=localhost", "clinica", "clinica");
            $db->exec("SET CHARACTER SET utf8");
            $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// To protect MySQL injection for Security purpose
            $username = stripslashes($username);
            $password = stripslashes($password);
// SQL query to fetch information of registerd users and finds user match.
            $resul = $db->query("select * from usuario,rol_usuario where id=idusuario and password='$password' AND login='$username'");
            $rows = $resul->rowCount();
            if ($rows >= 1) {               
                print_r($rows);
                $_SESSION['username'] = $username; // Initializing Session
                foreach ($row as $k=>$v) {
                    $_SESSION['roles'][]=$v;
                }
                header("location: " . $_SESSION['afterLogin']); // Redirecting To Other Page
            } else {
                $error = "Contraseña o nombre de usuario invalidos";
            }
            print $error;
            $db=null; // Closing Connection        
             * /
             */
        }
        ?>
    </body>
</html>
